Microsoft To Encrypt Data Center Links; Says NSA Hacking Would Be Unconstitutional

from the and-now-what? dept

We were somewhat surprised to see Microsoft recently admit that in the wake of the revelation that the NSA had infiltrated the private data links between Yahoo and Google's data centers that it had not yet decided to encrypt its own such links. Google had very quickly moved to encrypt those links and Yahoo has recently done so as well (though it took a little while). Now Microsoft is saying that it's going to do the same thing.

While the revealed documents did not directly point to a similar infiltration of Microsoft, there's reason to believe it was also compromised. Other Snowden documents mentioned in the linked article above note that Microsoft is listed as having data accessible under the same program, referred to as MUSCULAR. Perhaps more interesting is Microsoft making it clear that it believes any such infiltration would be a serious legal violation:
When asked about the NSA documents mentioning surveillance of Microsoft services, Smith issued a sharply worded statement: “These allegations are very disturbing. If they are true these actions amount to hacking and seizure of private data and in our view are a breach of the protection guaranteed by the Fourth Amendment to the Constitution.”
Of course, just because something is a Constitutional violation doesn't necessarily mean that there's much of a legal remedy. Any lawsuit would immediately lead to claims of sovereign immunity and national security to try to kill off any such lawsuit. It's the same thing the feds have done every time they've been challenged on this stuff. The only real way to deal with this is to make sure that the companies actually protect user data in a manner that makes it nearly impossible for the government to break in as it has in the past.

Filed Under: brad smith, datacenters, encryption, infiltration, nsa, nsa surveillance
Companies: microsoft


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    Anonymous Coward, 27 Nov 2013 @ 7:32pm

    Re: Re:

    I will disagree with you on this one, those connections are nothing like having a router at home, the right analogy would have me passing a long cable to the other apartment three stories up and never checking up on it, assuming nobody would temper with it.

    They are not accessible to the internet, they are accessible to a guy and a pair of pliers though, we all knew this for a long time and even the government knows this, that is why if you go digging in some places the secret service shows up.

    http://www.fibersensys.com/security-solutions/pds-alarmed-carrier/item/s-pon-physical-security-an d-pds-alarmed-carrier

    The very least they could have done is encrypt the traffic, no need for fancy cabling full of sensors trying to sense tampering on the cables.

    Further the more people start using the cloud the more attractive those things become, specially when money is involved so is just not governments that would want to try and tap it but also criminals.

    So I will once again ask why the most basic security was not implemented a long time ago?

    Was it because governments said they didn't want them to do it and they turned a blind eye to the problems with it?

    Because that would be like having someone tell you not to implement a security feature because he is using it to do something else, at the expense of everybody that could be harmed by real criminals.

    Do anybody ever uses paypal, send credit card info with any of those companies?
    Do any system administrator have access to that information?
    There are external and internal threats and the government although a worthy one is not the only.

    I could go on and on, but hopefully this makes this little bit can make the point.

    ps: I do encrypt all traffic in my home network, it costs nothing and it increases the layer of security.

    More sources:
    http://www.idquantique.com/network-encryption/video-hacking-an-optical-fiber.html

    http://www. itpro.co.uk/613486/fibre-optic-networks-vulnerable-to-hacking

    http://www.techrepublic.com/blog/it-security/protect-your-network-against-fiber-hacks/

    http://searchs ecurity.techtarget.com/magazineContent/Optical-network-security-Inside-a-fiber-optic-hack

    http://hack aday.com/2011/06/21/the-engineering-guy-explains-fiber-optics/

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Shop Now: Techdirt Logo Gear
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.